Vulnerabilities > CVE-2022-35098 - Out-of-bounds Write vulnerability in Swftools 20211216

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
swftools
CWE-787

Summary

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace::getDefaultColor(GfxColor*) at /xpdf/GfxState.cc.

Vulnerable Configurations

Part Description Count
Application
Swftools
1

Common Weakness Enumeration (CWE)